Credentials Required
Required Credentials
Before beginning the installation, ensure you have the following credentials available:
| Credential | Source | Required |
|---|---|---|
| AWS IAM Credentials | Provided by Manifest Cyber during onboarding | Required |
| NVD API Token | Request from NIST NVD | Required |
| OIDC Client Credentials | Your identity provider (Microsoft, Keycloak, Google, etc.) | Recommended |
| SMTP Server Credentials | Your email provider (basic authentication or XOAUTH) | Optional |
AWS IAM Credentials
These credentials are provided by Manifest Cyber during the onboarding process. They grant access to:
- The self-hosted installation bundle stored in Manifest's S3 bucket
- The installation tools container image in Amazon ECR
NVD API Token
The NVD (National Vulnerability Database) API token is required for vulnerability data synchronization. You can request a free API key from NIST NVD.
OIDC Client Credentials (Optional)
Manifest Self-Hosted uses OIDC for authentication. You will need to configure an OIDC application with your identity provider and obtain:
- Client ID
- Client Secret
- Issuer URL
If you do not have an existing identity provider, Manifest can deploy a Keycloak instance automatically.
See the Configuration Reference for detailed OIDC setup instructions.
SMTP Server Credentials (Optional)
If you want to enable email notifications, you will need SMTP server credentials. Both basic authentication and XOAUTH are supported.
AI Risk Product Credentials
If you are subscribed to the AI Risk product, you will additionally require tokens for the following services:
- Hugging Face
- OpenAI API
Next Steps
Once you have gathered all required credentials, proceed to the Installation Guide.
Updated 5 days ago